It would appear a solution to the firewall being open before shorewall start is to use the 'shorewall-init' package.
http://shorewall.net/Shorewall-init.html The extra init package closes the firewall prior to shorewall startup avoiding that issue (assuming you set the product in /etc/default/shorewall) It would also be wise to set safestop=1 as per the advice on the page as Debian based systems drop the firewall before halt. I tested my restart while pinging with shorewall blocking ICMP, never got a reply so I assume it works and blocks network before shorewall fires up. I haven't tried testing the Deb service file using network-pre.target as the above appears to be working nicely. I may do this later if curious. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1511869 Title: shorewall does not start at boot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shorewall/+bug/1511869/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
